Silk Road forums

Discussion => Newbie discussion => Topic started by: Skkky on January 18, 2013, 09:58 am

Title: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 18, 2013, 09:58 am
So I've read every review I could get my hands on before adding my BC and trying to make a purchase and NON OF THEM mention this stupid PIN..  Why can't it just be your log in password or something simple like that? I don't even remember the site asking me to create or give me one.  Well I used up my attempts to make a purchase and have to to wait about another week before I can spend MY BC!!   Something so important should be in big red letters starting with IMPORTANT INFO, PINS.  or something like that. If  I new, I would have made a new account before dumping my BCs in.   I new this site just seemed to perfect.. :(
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: discgolfking on January 18, 2013, 10:48 pm
whenever you start a new name or just joined ansd try and make a purchase your pin will not work. you will get message from SR administration saying your acctg iis froze for 3 days until they reset your pin happens all the  time   welcome to silk road
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: DrChong on January 18, 2013, 11:51 pm
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: kola_nutz on January 18, 2013, 11:59 pm
I guess they wanted to provide an extra layer of security.  If I got money involved like bitcoins, I def like the idea of making it harder for someone to hack my shit and steal my coins..
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Believe on January 19, 2013, 04:12 am
SAME exact thing happened to me. I just made another account and I'm trying to contact SR Support to get my coins in that account transferred. Let me know what happens with your account!
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: AcrylicArt on January 19, 2013, 04:42 am
Yep more security, I have my pin memorized in my head, it's-...Uh...Maybe I wrote it down somewhere? Whoops... :)
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 19, 2013, 08:43 am
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.

So whats the login name and passphrase for?   When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY.....  Thats what happens here.   Isn't username and password enough??  Like online banking.. lol
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: MaidMandy on January 19, 2013, 10:33 am
The PIN is there for your protection - it adds an extra layer of security, so if someone got into your account, they couldn't spend your bitcoin without the PIN. When you are signing up, it states clearly in italics not to forget your PIN. Maybe you should have been more observant when you were signing up. Everyone is responsible for their own actions...just saying ;)
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 19, 2013, 10:48 am
If they're that smart to get my user name and pass phrase, on Tor browser, they deserve to have the coins.  I don't see how somebody would be able to hack the user name and the password, but then have trouble getting the PIN..lol       If such  a scenario exists please share.  Banks don't even do this.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Disco-stu123 on January 19, 2013, 11:50 am
So I've read every review I could get my hands on before adding my BC and trying to make a purchase and NON OF THEM mention this stupid PIN..  Why can't it just be your log in password or something simple like that? I don't even remember the site asking me to create or give me one.  Well I used up my attempts to make a purchase and have to to wait about another week before I can spend MY BC!!   Something so important should be in big red letters starting with IMPORTANT INFO, PINS.  or something like that. If  I new, I would have made a new account before dumping my BCs in.   I new this site just seemed to perfect.. :(

Be careful what you wish for.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: cajunstyle54 on January 19, 2013, 12:58 pm
I'm with skkky, I was a little pissed being caught so off guard like that. I have all my passwords and important account information written down and I know I wouldn't have forgotten something as important as that. But hey at least I have this week to make 50 useless rambling posts about some shit I don't like.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Polly Ester on January 19, 2013, 01:22 pm
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Sumtingwong on January 19, 2013, 01:30 pm
It really isn't that hard
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: firehose on January 19, 2013, 02:17 pm
god Damn op  be a retard or 12 years old
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: vorvon on January 19, 2013, 03:04 pm
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry

me, too!
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: thegoat on January 19, 2013, 03:41 pm
and me..... having said that the pin is a good idea
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 19, 2013, 08:02 pm
It really isn't that hard

Never said it was hard, said its stupid.. 
If you're new and use to registering online for a number of different services including online banking and stock trading, then sign up on SR the first time, the PIN request throws you off.  I don't EVER remember being given one or asked to make one.    Also, if you're new like me, you joined out of curiosity and not to purchase anything, but once you get to browse a little the light bulb comes on.  Then you have to read and read and read, how to get bitcoins, setup, etc.... Then finally when you think you want to make a little tester purchase BAM... no PIN to complete your order and on top of that we're going to hold on to your BCs so you can't use them anywhere else.. lol
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: wert4lol on January 19, 2013, 08:20 pm
Its a great idea. SR is about security. If you can not understand that and find a method to remember important information, then learn how.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: DuncanMacLeod on January 19, 2013, 08:38 pm
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.

So whats the login name and passphrase for?   When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY.....  Thats what happens here.   Isn't username and password enough??  Like online banking.. lol

Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 20, 2013, 12:23 am
It's just like the pin you use at the ATM. It's not that hard to understand the security purpose of a PIN. Sheesh.

So whats the login name and passphrase for?   When I go to a ATM, I don't have to log in with a password and then once I'm in , type another PIN to withdraw MY MONEY.....  Thats what happens here.   Isn't username and password enough??  Like online banking.. lol

Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.

Yeah, my bank and Etrade don't do that. Virteex doesn't do that.   I log in with my card number and I made my own password for online banking..   Thats not even the point...   Please explain the scenario were this PIN is going to help us?   Are saying, a hacker was smart enough to get your login  and pass, but can't figure out the PIN, or is another scenario in play here?
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: SubStrips on January 20, 2013, 12:32 am
Have to remember
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: TryptaManiac on January 20, 2013, 05:33 am
come on dude you couldn't remember it? tsk tsk
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: midwestmedical on January 20, 2013, 06:12 am
In the past "fake" silk road login pages have set up with URL's that are similar to SR's URL but a little off.  The hacker behind the phishing attack then posts their fake URl all over and logs all the username and password combos that are tried on his page.  This happened not that long ago where the link on the wikipedia page was changed to a phishing site and everyone who was using the wikipedia link was sent to the phishing site that looked identical to the SR login page.  The

Without a pin, the person behind the attack would be able to log into accounts and instantly drain them when he tricks someone into trying his page.  The use of the pin protects everyone from these kinds of phishing attacks. 
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 20, 2013, 06:42 am
In the past "fake" silk road login pages have set up with URL's that are similar to SR's URL but a little off.  The hacker behind the phishing attack then posts their fake URl all over and logs all the username and password combos that are tried on his page.  This happened not that long ago where the link on the wikipedia page was changed to a phishing site and everyone who was using the wikipedia link was sent to the phishing site that looked identical to the SR login page.  The

Without a pin, the person behind the attack would be able to log into accounts and instantly drain them when he tricks someone into trying his page.  The use of the pin protects everyone from these kinds of phishing attacks.

WOW!! I didn't know that, and thats what I was asking for..

Thanks..  ok PIN stays :)
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: ItalianMafiaBrussels on January 20, 2013, 09:39 am
Just thought i'd pop in and do a quick bit of spamming to get to 50
Sorry

me, too!
Instead of trying to post something intelligent, i'll just go along and also admit what my real intention was  :-[



.... lol im really getting a laugh of some of the spam posts
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: fred5 on January 20, 2013, 08:47 pm
The site has always asked for a pin when registering... you probably were just too excited to get in to remember it :P That's why the pin reset exists :)
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: MaoZedong on January 20, 2013, 08:53 pm
The security of a pin comes in handy when dealing with phishing websites. A phishing website would be set up to mimic the login page of SR so it would be very easy for them to collect unknowing user's username and password. The security comes in when they try to withdraw your bitcoins to their address they wont be able to without knowing your pin.

Phishers know this is the case which is why they ask for your pin on their fake login page.

If SR ever asks you to for a pin at login, check the URL to make sure you're on the real SR.

remember... silkroad
vb5
piz3r
.onion...if you can remember that you are in good shape to not get scammed.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: SubStrips on January 20, 2013, 09:04 pm
Have to believe in your pin.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Skkky on January 20, 2013, 10:17 pm
I think PIN should be a extra option for people that want it. 
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: bernardo29 on January 21, 2013, 03:13 pm
Lord praise the PIN
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: trippylizard on January 21, 2013, 03:53 pm
Dude. When you go to the ATM, you insert a PHYSICAL card, and then enter a pin to get your cash. On SR, you insert a login/password combination, then enter a pin to get your cash. Where is the difference ? And you talk about online banking. Online banking now usually requires you to enter your customer code, type a pin on a virtual keypad, and confirm whatever transaction you want to do by typing a confirmation code sent on your email or on mobile phone. Some banks even give RSA keys now.

A card is something you possess. A pin is something you know. It's called two-factor security. A password (something you know) and a PIN (something else you know) isn't two-factor security so that's where the difference lies.

If someone can hack the db to get your password, they can hack it to get your pin. Hell, with only 10000 possible combinations, a modern CPU could work out a PIN in a fraction of a second, if it's even been hashed in the first place.
If they can beat you until you tell them your password, they can beat you until you also tell them your PIN.
If they can sneak up on your machine once you're logged in and try to make an order, but not knowing your PIN would have stopped them, then requiring your password to make an order/transfer and them not knowing your password would also have stopped them.

On the other hand, if you re-used the same login and password on these forums as you did your SR account (you didn't, did you?) then it at least stops a malicious forum operator or forum security breach from stealing all your bitcoins. Unless you used 1234 for your pin (you didn't, did you?).
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Thirdplace on January 21, 2013, 05:42 pm
There is a plethora of threads like this in the rest of the forum.  The pin was created FOR YOU so your btc aren't stolen and nobody else makes a purchase with your account.  It kinda sucks when you don't remember it because it can be super inconvenient, but it's what we have and it actually works very well for it's purpose.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: RequestToSend on January 21, 2013, 07:31 pm
Bottom line is having the PIN has protected at least some users against having their funds stolen and this thread is not likely to change the policy.

When you set your PIN there was a message along the lines of "Do not forget this."  If you can't manage to remember or securely store your PIN then you need a wait a few days.

The next challenge some users have after the PIN is getting their address right.  It amazes me how often users get that wrong.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: suavee on January 21, 2013, 08:19 pm
Yes so excited to make my first order with NorthwestDirect only to be stopped by a fuckin pin which I dont recall being asked for in the beginning. Now I miss out on the extras he was throwing in for his promo.sucks
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Thirdplace on January 21, 2013, 08:43 pm
There have been increasing reports of people NOT being prompted to make a pin when they create their account.  Honestly, it doesn't surprise me.  Yeah, it IS super inconvenient. Yes, I've forgotten my pin once. 

Honestly though, you've gone your whole life without using the SR.  Waiting another week for your pin isn't going to kill you.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: suavee on January 21, 2013, 08:53 pm
There have been increasing reports of people NOT being prompted to make a pin when they create their account.  Honestly, it doesn't surprise me.  Yeah, it IS super inconvenient. Yes, I've forgotten my pin once. 

Honestly though, you've gone your whole life without using the SR.  Waiting another week for your pin isn't going to kill you.

Yes Im nit too ticked about waiting just that im going to miss out on the promotion he was having but im sure there will be others
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: magicpearl on January 21, 2013, 09:58 pm
dito... x
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: NorthWestDirect on January 26, 2013, 04:43 am
Suavee.. Just stumbled upon your thread here.

We feel for you bro.

Just remind us on your order, and we will honor the promotion. Maybe even throw a goodie in ur pack for ya bro.

We understand how frustrating that might be and to start a new account a lose your stats would be a pain in the ass.

They should come up with three questions and answers to comfirm for lost pin IMO (like many clearnet sites do) is there any problem with security issues on that?

There should be a fairly painless way to prove your (anonymous) identity on here AKA verifying that you are the rightful owner of that acct etc.

Also if an account such as our (knock on wood) got hacked we should be able to prove that it is ours (via forums etc.) via a few security questions to take back control and lock all BTC in acct and escrow.

Y'all following me?

NWD
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: Jim of Asgard on January 26, 2013, 05:19 am
pins are a great idea. i admit to nearly forgetting mine before my first buy but i understand how good they are for security
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: HeatFireFlame on January 29, 2013, 09:25 pm
Hey all, In a very similar boat, Heres a link to a post i made earlier ,Not had any replies yet so im just posting here maybe someone can help, how do you actually get the pin reset link?

heres the link
Thanks to everyone who helps me i really appreciate it.

http://dkn255hz262ypmii.onion/index.php?topic=114140.msg775131#msg775131
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: GAZOO on January 29, 2013, 09:54 pm
Just a reminder when you create an account

It asks for a username

it asks for a pass phrase
it ask you to retype to confirm

it asks for a pin
It ask you to retype to confirm

it then says
DO NOT forget your PIN!

You then select locating
type captcha
and your done



For people forgetting the pin don't blame anyone but the person in the mirror.

I have read many posts in the past about getting hacked and losing access to there account for a period of time but not to there losing the BTC as the PIN stops hackers from accessing this part of your account.
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: HeatFireFlame on January 29, 2013, 10:11 pm
First of all i dont think anyone is trying to blame someone for their pin not working, They just want a solution on how to fix it asap as they have btc's in the account and dont want to lose them obviously. Well that's my situation anyway.
I have emailed SR support but no reply yet, Will just have to wait till tomorrow i think.
Can anyone get me a password reset link or do they send you it? 
What do i do now?

This is my situation.             http://dkn255hz262ypmii.onion/index.php?topic=114140.msg775131#msg775131
Cheers all
Title: Re: PINS FUCKIN STUPID IDEA!!
Post by: David888 on January 29, 2013, 10:13 pm
can't believe ppl forgetting this all the time... EVEN SAYS WHATEVER YOU DO DONT FORGET YOUR PIN